GENERATING RULE PACKS FOR MONITORING COMPUTER SYSTEMS
Abstract
Improved systems and methods for developing rule packs can include receiving monitoring rules specified in a markup language, and combining them to produce a rule pack. Combining processes can leverage product development processes such as Integrated Development Environments (IDEs), thereby allowing any number of developers to work on the same rule pack simultaneously. Common settings may be added to rule packs in an automated, platform-specific way, thereby eliminating the need for rule writers to concern themselves with such common settings. Rule packs may be converted from a markup language to a binary file for use by a monitoring service.
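The pipeline the abstract describes (receive markup rules, combine them, add common settings, convert to binary), as an added example that is not taken from the patent. The element names, the `RPK1` signature and the binary layout are assumptions made for illustration, the sample rules are constructed, and the duplicate-id check is an addition suggested by several developers contributing to one pack.

```python
import struct
import xml.etree.ElementTree as ET

# Constructed sample input: rule fragments written by different developers.
RULE_FRAGMENTS = [
    '<Rule id="svc-stopped"><Event source="ServiceControl" code="7036"/><Action type="alert"/></Rule>',
    '<Rule id="disk-low"><Event source="Disk" code="2013"/><Action type="log"/></Rule>',
]
COMMON_SETTINGS = ('<CommonSettings><Setting name="platform" value="x64"/>'
                   '<Setting name="pollSeconds" value="60"/></CommonSettings>')  # constructed
MAGIC = b"RPK1"  # hypothetical file signature, not a real format

def combine(fragments):
    """Merge <Rule> fragments into one <RulePack>, rejecting duplicate ids."""
    pack, seen = ET.Element("RulePack"), set()
    for text in fragments:
        rule = ET.fromstring(text)  # assumes trusted build input
        rule_id = rule.get("id")
        if rule.tag != "Rule" or not rule_id:
            raise ValueError("fragment is not a <Rule> with an id")
        if rule_id in seen:
            raise ValueError(f"duplicate rule id: {rule_id}")
        seen.add(rule_id)
        pack.append(rule)
    return pack

def add_common_settings(pack, settings_xml):
    pack.insert(0, ET.fromstring(settings_xml))  # shared settings, added once
    return pack

def _field(text):
    data = text.encode("utf-8")
    return struct.pack("<H", len(data)) + data  # length-prefixed string

def to_binary(pack):
    """Serialize: magic, counts, settings pairs, then one record per rule."""
    settings = pack.findall("CommonSettings/Setting")
    rules = pack.findall("Rule")
    out = MAGIC + struct.pack("<HH", len(settings), len(rules))
    for s in settings:
        out += _field(s.get("name")) + _field(s.get("value"))
    for r in rules:
        event, action = r.find("Event"), r.find("Action")
        code = struct.pack("<I", int(event.get("code")))
        out += _field(r.get("id")) + _field(event.get("source")) + code + _field(action.get("type"))
    return out

def build_rule_pack(fragments, settings_xml):
    return to_binary(add_common_settings(combine(fragments), settings_xml))
```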
20 Claims
1. A system for generating a rule pack comprising a plurality of monitoring rules for monitoring a computer, wherein a monitoring rule specifies an action to take in response to an event occurring in said computer, said system comprising:
- a subsystem for receiving a plurality of monitoring rules, said plurality of monitoring rules specified in a markup language;
- a subsystem for combining said plurality of monitoring rules to produce a rule pack;
- a subsystem for adding to said rule pack at least one common setting, wherein a common setting applies to two or more monitoring rules in said rule pack, and wherein said at least one common setting is specified in a markup language; and
- a subsystem for converting said rule pack from a markup language to a binary file for use by a monitoring service.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method for generating a rule pack comprising a plurality of monitoring rules for monitoring a computer, wherein a monitoring rule specifies an action to take in response to an event occurring in said computer, said method comprising:
- receiving a plurality of monitoring rules, said plurality of monitoring rules specified in a markup language;
- combining said plurality of monitoring rules to produce a rule pack;
- adding to said rule pack at least one common setting, wherein a common setting applies to two or more monitoring rules in said rule pack, and wherein said at least one common setting is specified in a markup language; and
- converting said rule pack from a markup language to a binary file for use by a monitoring service.
Dependent claims: 10, 11, 12, 13, 14, 15, 16
17. A method for separating a markup language rule pack file comprising monitoring rules for monitoring a computer into a plurality of rule group manifest files, comprising:
- identifying a first rule group in said markup language rule pack file that corresponds to a rule group specified in a markup language rule group map file;
- identifying a common setting within said first rule group, wherein a common setting applies to two or more monitoring rules in said markup language rule pack file;
- generating a rule group manifest file corresponding to said first rule group, wherein said common setting is not visible from a default view of said rule group manifest file;
- repeating the steps above for each rule group specified in said markup language rule group map file.
Dependent claims: 18, 19, 20
Specification